Jump to content

Recommended Posts

Hello all,

 

I have made a script that does what I want but I am asking are there any flaws in my coding that I am missing in terms of security?

 

* When a user registers by default the table sets the column status to pending

* The key generated is a random 5 character string with a mixture of Uppercase and Numbers

	// IF username is missing from URL then redirect
	if ( empty($_GET['username']) ) {
	redirect_to("register.php");
	}	
	// IF key is missing from URL then redirect
	if ( empty($_GET['key']) ) {
	redirect_to("register.php");
	}
	
	// SQL Query
	$sql = "SELECT * from users WHERE username = '{$_GET['username']}'";
	$result = $mysqli->query($sql);
	$row = $result->fetch_assoc();	

	if ( $row['status'] == 'pending' ) {
	
		if ( $_GET['key'] == $row['activation'] ) {
    $sql = "UPDATE users SET status='enabled' WHERE username='{$_GET['username']}' LIMIT 1";
	$result = $mysqli->query($sql);	
    $sql = "UPDATE users SET activation='' WHERE username='{$_GET['username']}' LIMIT 1";
	$result = $mysqli->query($sql);	
		echo 'Your account is now <font color=green><strong>ACTIVE</strong></font>';
		}
	}
	
		if ( $_GET['key'] != $row['activation'] ) {
			redirect_to("register.php");
		}

Thanks for your feedback! I hope I done okay as I am learning :)

Edited by RedInjection
Link to comment
https://forums.phpfreaks.com/topic/299307-validate-after-user-registers/
Share on other sites

 

any flaws in my coding that I am missing in terms of security?

Yes you are not sanitizing your user input values. If you don't do this then your code is open to SQL Injection attacks.

You can use mysqli_real_escape_string to sanitize your values. But as you are using mysqli then you should be using prepared statememts.

 

 

Why the two update queries here?

    $sql = "UPDATE users SET status='enabled' WHERE username='{$_GET['username']}' LIMIT 1";
	$result = $mysqli->query($sql);	
    $sql = "UPDATE users SET activation='' WHERE username='{$_GET['username']}' LIMIT 1";
	$result = $mysqli->query($sql);

You only need to to have the one, you can set the values for both the status and activation columns in the same update query.

    $sql = "UPDATE users SET status='enabled', activation='' WHERE username='{$_GET['username']}' LIMIT 1";
	$result = $mysqli->query($sql);	

The key generated is a random 5 character string with a mixture of Uppercase and Numbers

 

 

Show you code for the key generation. This is where one of your problems is. @Jaques1 has posted good information on how this should be done so I am not going to repeat it.

Edited by benanamen
	function generateRandomString($length = 5) {
		$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
		$charactersLength = strlen($characters);
		$randomString = '';
		for ($i = 0; $i < $length; $i++) {
			$randomString .= $characters[rand(0, $charactersLength - 1)];
		}
		return $randomString;
	}

This is my function - Is this ok?

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.